Skip to content

menu

Open Legal Blog Archive logo
HomeAboutBlogsFAQsSubmit

Ounce of Prevention: Is It Time to Perform a Security Risk Assessment?

By William Clayton Landa & Allyson M. Maur on April 8, 2024

Applicable Provider Types: All

Is Your Entity in Compliance?

The Health Insurance Portability and Accountability Act of 1996, as modified by the Health Information Technology for Economic and Clinical Health Act of 2009 (HIPAA) requires covered entities and their business associates to implement policies and procedures to prevent, detect, contain and correct security violations. Under the HIPAA Security Rule, entities must “periodically” perform a security risk assessment, which can be adapted to the size and sophistication of the entity. While the general approach is to perform one annually, some organizations may do so bi-annually and others every three years.

Read more
  • Posted in:
    Privacy & Data Security
  • Blog:
    Password Protected
  • Organization:
    McGuireWoods LLP
  • Article: View Original Source

Open Legal Blog Archive, Inc. logo
Seattle, Washington
Copyright © 2026, Open Legal Blog Archive, Inc. All Rights Reserved.
Law blog design & platform by LexBlog LexBlog Logo